chore(deps): update camunda-community-hub/community-action-maven-release action to v2

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
camunda-community-hub/community-action-maven-release	action	major	v1 → v2

---

Release Notes

camunda-community-hub/community-action-maven-release (camunda-community-hub/community-action-maven-release)

v2.0.3

Compare Source

What's Changed

• fix: add camunda-nexus-release server and set credentials for build step by @​szpraat in #​80

New Contributors

• @​szpraat made their first contribution in #​80

Full Changelog: camunda-community-hub/community-action-maven-release@v2.0.2...v2.0.3

v2.0.2

Compare Source

What's Changed

• chore: drop fallback to OSSRH for deployment to io/org.camunda namespaces by @​clementnero in #​77

Full Changelog: camunda-community-hub/community-action-maven-release@v2...v2.0.2

v2.0.1

Compare Source

What's Changed

• chore: drop fallback to OSSRH for deployment to io.zeebe namespace by @​clementnero in #​76

Full Changelog: camunda-community-hub/community-action-maven-release@v2.0.0...v2.0.1

v2.0.0

Compare Source

What's Changed

🚀 Migration to central-sonatype-publish & Sonatype Central Portal

📖 FAQ & Migration Guide

This release introduces support for the new central-sonatype-publish profile, used for deploying via the Sonatype Central Portal, replacing OSSRH.

🚨 Users must read the FAQ & Migration Guide before upgrading to @v2, as the migration requires updates to action inputs and upgrading the community-hub-release-parent parent POM.

A dynamic fallback to the deprecated oss-maven-central profile is temporarily available and will be deactivated once the migration is complete (more details in the migration guide).

⚠️ Deprecations

• maven-url, maven-usr, and maven-psw inputs are deprecated in @v2 and will be removed in @v3. Please see the migration guide for more details.

Changes

• feat: support central-sonatype-publish profile for Sonatype Central Portal publishing by @​clementnero in #​74

Full Changelog: camunda-community-hub/community-action-maven-release@v1...v2.0.0

v2

Compare Source

v1.2.4

Compare Source

What's Changed

• fix: shellcheck error and some warnings by @​cmur2 in #​69
• chore: update 3rd party GHAs in CI by @​cmur2 in #​70
• chore: remove GHA boilerplate and reorder for readability by @​cmur2 in #​72
• chore: add warnings for outdated parent POM or use of deprecated oss-maven-central profile by @​clementnero in #​75

New Contributors

• @​cmur2 made their first contribution in #​69
• @​clementnero made their first contribution in #​75

Full Changelog: camunda-community-hub/community-action-maven-release@v1.2.3...v1.2.4

v1.2.3

Compare Source

What's Changed

• Update action.yml by @​jonathanlukas in #​68

Full Changelog: camunda-community-hub/community-action-maven-release@v1...v1.2.3

v1.2.2

Compare Source

What's Changed

• Update README.md by @​p-wunderlich in #​66

New Contributors

• @​p-wunderlich made their first contribution in #​66

Full Changelog: camunda-community-hub/community-action-maven-release@v1.2.1...v1.2.2

v1.2.1

Compare Source

What's Changed

• Adjusted secret names to agreed ones by @​jonathanlukas in #​65

Full Changelog: camunda-community-hub/community-action-maven-release@v1.2...v1.2.1

v1.2

Compare Source

What's Changed

• reflect changes to the deployment credentials by @​jonathanlukas in #​64

New Contributors

• @​jonathanlukas made their first contribution in #​64

Full Changelog: camunda-community-hub/community-action-maven-release@v1...v1.2

What's Changed

• Update action.yml by @​jonathanlukas in #​68

Full Changelog: camunda-community-hub/community-action-maven-release@v1.2.2...v1.2

v1.1.0

Compare Source

Changes

• Cleaned-up action (also tackling duplicate deployments camunda-community-hub/community-hub-release-parent#17 and auto releasing artifacts #​48)
• Updating dependencies

Thanks @​zambrovski for helping out!

v1.0.13

Compare Source

What's new

• Allow configuring the git branch as input to action (see 2e3b656)

v1.0.12

Compare Source

What's new

• Merged #​32, which fixes configuration of the Actions-R-Us workflow in v1.0.11

Up next

• Scope addressing #​2
• Evaluate creating a Community Hub build system comprising of https://github.com/camunda-community-hub/template-repo, the Camunda Community Hub parent POM, and the Community Hub Maven Release action

v1.0.11

Compare Source

What's new:

• Added Actions-R-Us to the action.yml file to keep action versions up-to-date
• Added default value of latest to release workflow
• Added latest tag to releases for use with Actions-Release workflow tooling

Up next

• Scope addressing #​2
• Evaluate creating a Community Hub build system comprising of https://github.com/camunda-community-hub/template-repo, the Camunda Community Hub parent POM, and the Community Hub Maven Release action

v1.0.10

Compare Source

Changes:

• Updates the usestag to utilize v1.0.9 of the Community Action Maven release in Java 11 example workflow, and Java 1.8 example workflows.
• Updates release.sh to refer to v1.0.9 of the Community Action Maven release

v1.0.9

Compare Source

Changes

• Separated deploy into two Maven commands using two different profiles (as introduced in https://github.com/camunda-community-hub/community-hub-release-parent/releases/tag/1.2.2)

v1.0.8

Compare Source

What’s New:


This release simplified the maven release procedure as described in #​21

v1.0.7

Compare Source

🥇 What’s New:



Improved Security Vulnerability Scanning Options

🔒 This release introduces the ability to upload the results of a Trivy vulnerability scan contained in a Sarif file to the GitHub Security tab.

The Trivy Security Scanning option was released in v1.0.6 of the Action, which can be optionally run during the release process contained in this action via a Bash script. When enabled, Trivy scans for security vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. To enable the scanner, set the vulnerability-scan input default to true.

Note -- If there are no vulnerabilities found, or UNKNOWN, LOW, or MEDIUM vulnerabilities, the action will complete with exit 0. If there is a HIGH or CRITICAL vulnerability found, the release deployment will fail with exit 1. The results of the scan will then be displayed in a sarif.tpl named trivy-results.sarif.

As mentioned above, with this release, these results will then will be uploaded to the Security tab in your repository.

🕐 What's Next

Evaluating #​2
Evaluating #​5

If you'd like to contribute to the above issues. pull requests are welcome and appreciated! :)

Huge thanks to @​Langleu for his impeccable work pair programming with @​celanthe to make this release possible! 🚀 🎉

v1.0.6

Compare Source

What’s New:



This release introduces optional Trivy Security Scanning, which can be run during the release process contained in this action via a Bash script. When enabled, Trivy scans for security vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. To enable the scanner, set the vulnerability-scan input default to true.

If there are no vulnerabilities found, or UNKNOWN, LOW, or MEDIUM vulnerabilities, the action will complete with exit 0. If there is a HIGH or CRITICAL vulnerability found, the release deployment will fail with exit 1. The results of the scan will then be displayed in a sarif.tpl named trivy-results.sarif.

v1.0.5

Compare Source

What's New:

• v1.0.5 of the Community Action Maven Release adds additional inputs.maven-build-options to the 'run maven' step of the current Action

What's Next

#​5
#​2

Huge thanks to @​VonDerBeck and @​gclaussn for their thoughtful comments and reviews!

v1.0.4

Compare Source

What's New

• #​14 Introduces the ability to find and replace the SNAPSHOT repository URL, no matter where the target directory is located. Huge thanks to @​gclaussn for their wonderful contribution to the Community Action Maven Release project!

Upcoming Projects

• #​5 -- Be able to specify the build command
• #​2 -- Unexpected version after alpha release

v1.0.3

Compare Source

What's New

• #​13 Introduces additional options for each Maven execution into the Action, allowing the ability to use the Community Hub release Action with a Maven project that is not in the root directory. Huge thanks to @​gclaussn for their wonderful contribution to the Community Action Maven Release project!

Upcoming Projects

• #​5 -- Be able to specify the build command
• #​2 -- Unexpected version after alpha release

v1.0.2

Compare Source

• minor bug fix to overwrite the release tag with the release version in the pom.xml (Issue #​6 PR #​7)

v1.0.1

Compare Source

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit 3aa12d7.

♻️ This comment has been updated with latest results.